If they can just move the industry standard way of adopting existing systems for two factor authentication, there will be practically no downside. Sure, add a token generator to the app, but dear god let us use other things instead if we want to.

I accidentally enabled 2FA a good long while ago, hoping for some sort of TOTP support, and upon being dissapointed, they just said that it wasn't in their plans.

Email 2FA is better than nothing, but I'd really prefer U2F / Hardware Token / TOTP (Google Auth, Authy, other Generators are available) to be allowed since it's more safe for more people (since there isn't a single remote point of failure for 99% of people)

Different website and kind of content, but I'm an artist who used to draw lots of fanart of popular series a while ago. I still do occasionally, but I've been focusing on more original stuff lately. Anyway, sometimes people would repost my fanart to Instagram without bothering to give me any sort of credit in the captions. I don't spend hours working on art just so that I could get maybe 20 likes and 1 follower, while somebody else takes it and gets thousands of likes and 20 followers.

I would sometimes browse tags to look at fanart for the series that I enjoy, and every time I saw a repost of my own art with no mention of my account in the caption, I would make a comment saying "hey I drew this art" on the post, and then say that exact same thing, promoting myself to every single other person who commented on the post. That usually got me lots of positive responses and people following me, shifting attention away from the reposter.

I usually love when people repost my work because it helps with the exposure, but only if they mention me in the caption and tag my account so that anybody interested in the art knows where to go for more of it. There's no point in exposure if it's not even going to me.

I did the work, I deserve the recognition. Steal my recognition, and I'll steal your spotlight.

Wasn't even really bots, it was just Reddit users who gave us access to their accounts via an extension to vote on their behalf, at most we had 150 concurrent users connected, which wasn't enough to just instantly win anything. There were a couple times when the reddit hivemind outvoted us. Most of the bot detection measures probably would fail due to all the accounts being legitimate users, apart from a small amount of abnormal behaviour in one subreddit, but I can't confirm this.

It also wasn't a solo project, it was a joint collaboration between quite a few different discords, and communities, the snakeroom brought the product to market, the others adopted it, and we pushed posts when we needed to. We spoke lightly to some of the Reddit admins involved with the project, and none of them seemed overly concerned with the bots, as they haven't in prior years either, since it's such a minor issue in the long run.e